#! /bin/sh
#
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright (c) 1993, 2010, Oracle and/or its affiliates. All rights reserved.
#

. /lib/svc/share/smf_include.sh

DEVALLOC=/etc/security/device_allocate
DEVMAPS=/etc/security/device_maps
DEVFSADM=/usr/sbin/devfsadm
MKDEVALLOC=/usr/sbin/mkdevalloc
MKDEVMAPS=/usr/sbin/mkdevmaps
HALFDI=/etc/hal/fdi/policy/30user/90-solaris-device-allocation.fdi

# dev_allocation_convert
#	All the real work gets done in this function

dev_allocation_convert()
{
#
# If allocation already configured, just return
#
if [ -f ${HALFDI} -a -f ${DEVALLOC} -a -f ${DEVMAPS} ]; then
    return
fi

# Prevent automount of removable and hotpluggable volume
# by forcing volume.ignore HAL property on all such volumes.
if [ ! -f ${HALFDI} ]; then
	cat > ${HALFDI} <<FDI
<?xml version="1.0" encoding="UTF-8"?>
<deviceinfo version="0.2">
  <device>
    <match key="info.capabilities" contains="volume">
      <match key="@block.storage_device:storage.removable" bool="true">
        <merge key="volume.ignore" type="bool">true</merge>
      </match>
      <match key="@block.storage_device:storage.hotpluggable" bool="true">
        <merge key="volume.ignore" type="bool">true</merge>
      </match>
    </match>
  </device>
</deviceinfo>
FDI
fi

# Initialize device allocation


# Need to determine if Trusted Extensions is enabled.
# Check the setting in etc/system (other methods won't work 
# because TX is likely not yet fully active.)
#
grep "^[ 	]*set[ 	][ 	]*sys_labeling[ 	]*=[ 	]*1" \
    /etc/system > /dev/null 2>&1

if [ $? = 0 ]; then
	# Trusted Extensions is enabled (but possibly not yet booted).
	${DEVFSADM} -e
else
	if [ ! -f ${DEVALLOC} ]; then
		echo "DEVICE_ALLOCATION=ON" > $DEVALLOC
		${MKDEVALLOC} >> $DEVALLOC
	fi
	if [ ! -f ${DEVMAPS} ]; then
		${MKDEVMAPS} > $DEVMAPS
	fi
fi
}

dev_allocation_unconvert()
{
	# Turn off device allocation.
	${DEVFSADM} -d
	/usr/bin/rm -f $DEVALLOC $DEVMAPS
	# Restore default policy for removable and hotpluggable volumes
	/usr/bin/rm -f $HALFDI
}

case "$1" in
'start')
	dev_allocation_convert
	deallocate -Is
	;;
'stop')
	state=`/usr/bin/svcprop -c -p general/enabled $SMF_FMRI 2>/dev/null`
	if [ "$state" = "true" ] ; then
		exit $SMF_EXIT_OK
	fi
	dev_allocation_unconvert
	;;
esac

exit $SMF_EXIT_OK 
